CVE-2010-0996 (GCVE-0-2010-0996)
Vulnerability from cvelistv5
Published
2010-04-20 16:00
Modified
2024-08-07 01:06
Severity ?
Summary
Unrestricted file upload vulnerability in e107 before 0.7.20 allows remote authenticated users to execute arbitrary code by uploading a .php.filetypesphp file. NOTE: the vendor disputes the significance of this issue, noting that "an odd set of preferences and a missing file" are required.
References
PSIRT-CNA@flexerasoftware.comhttp://e107.org/comment.php?comment.news.864Patch, Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://e107.org/svn_changelog.php?version=0.7.20
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/39013Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/secunia_research/2010-44/Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.securityfocus.com/archive/1/510805/100/0/threaded
PSIRT-CNA@flexerasoftware.comhttp://www.securityfocus.com/bid/39540
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2010/0919Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/57932
af854a3a-2127-422b-91ae-364da2661108http://e107.org/comment.php?comment.news.864Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://e107.org/svn_changelog.php?version=0.7.20
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39013Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/secunia_research/2010-44/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/510805/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/39540
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0919Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/57932
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T01:06:52.647Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://e107.org/svn_changelog.php?version=0.7.20",
               },
               {
                  name: "ADV-2010-0919",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2010/0919",
               },
               {
                  name: "39540",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/39540",
               },
               {
                  name: "e107-phpfiletypesphp-file-upload(57932)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/57932",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/secunia_research/2010-44/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://e107.org/comment.php?comment.news.864",
               },
               {
                  name: "39013",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/39013",
               },
               {
                  name: "20100419 Secunia Research: e107 Avatar/Photograph Image File Upload Vulnerability",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/510805/100/0/threaded",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2010-04-15T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Unrestricted file upload vulnerability in e107 before 0.7.20 allows remote authenticated users to execute arbitrary code by uploading a .php.filetypesphp file.  NOTE: the vendor disputes the significance of this issue, noting that \"an odd set of preferences and a missing file\" are required.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-10T18:57:01",
            orgId: "44d08088-2bea-4760-83a6-1e9be26b15ab",
            shortName: "flexera",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://e107.org/svn_changelog.php?version=0.7.20",
            },
            {
               name: "ADV-2010-0919",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2010/0919",
            },
            {
               name: "39540",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/39540",
            },
            {
               name: "e107-phpfiletypesphp-file-upload(57932)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/57932",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://secunia.com/secunia_research/2010-44/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://e107.org/comment.php?comment.news.864",
            },
            {
               name: "39013",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/39013",
            },
            {
               name: "20100419 Secunia Research: e107 Avatar/Photograph Image File Upload Vulnerability",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/510805/100/0/threaded",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "PSIRT-CNA@flexerasoftware.com",
               ID: "CVE-2010-0996",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Unrestricted file upload vulnerability in e107 before 0.7.20 allows remote authenticated users to execute arbitrary code by uploading a .php.filetypesphp file.  NOTE: the vendor disputes the significance of this issue, noting that \"an odd set of preferences and a missing file\" are required.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://e107.org/svn_changelog.php?version=0.7.20",
                     refsource: "MISC",
                     url: "http://e107.org/svn_changelog.php?version=0.7.20",
                  },
                  {
                     name: "ADV-2010-0919",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2010/0919",
                  },
                  {
                     name: "39540",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/39540",
                  },
                  {
                     name: "e107-phpfiletypesphp-file-upload(57932)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/57932",
                  },
                  {
                     name: "http://secunia.com/secunia_research/2010-44/",
                     refsource: "MISC",
                     url: "http://secunia.com/secunia_research/2010-44/",
                  },
                  {
                     name: "http://e107.org/comment.php?comment.news.864",
                     refsource: "CONFIRM",
                     url: "http://e107.org/comment.php?comment.news.864",
                  },
                  {
                     name: "39013",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/39013",
                  },
                  {
                     name: "20100419 Secunia Research: e107 Avatar/Photograph Image File Upload Vulnerability",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/510805/100/0/threaded",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "44d08088-2bea-4760-83a6-1e9be26b15ab",
      assignerShortName: "flexera",
      cveId: "CVE-2010-0996",
      datePublished: "2010-04-20T16:00:00",
      dateReserved: "2010-03-18T00:00:00",
      dateUpdated: "2024-08-07T01:06:52.647Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"0.7.19\", \"matchCriteriaId\": \"0521F172-C4F7-4054-AA27-A8C5946C7F19\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70AB914E-D616-45D2-A451-1C247B8B6E4C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA03C1AC-97EA-47ED-9558-A7CA48420AB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32695A82-B042-46B7-9CB4-20F3446E0C9E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6716A040-0CBE-4402-AB2A-1621B1240B0F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81627355-AB45-4D47-8DD2-4087E6971EF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2DAAA4F-B893-4914-8538-E68DDA211225\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B649DDC6-EEE6-47E1-A69A-831E5C2DD58C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FEEC90E-8640-4786-B014-CAD83EC4F2E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E29B9B12-4C94-4A8D-B407-2D288502EFE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5CAADA1-1FBB-4983-A942-FC4490CE8D8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4D7C699-0E92-4D9C-9D8F-87C39A28ACCD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C62F8AD-EA30-441E-B97F-EF8DE640DC1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F96C30A8-7E56-4806-B8D7-851D75B08738\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1C22711-AEC4-438F-9B37-64D36B0BDFC9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E2AA435-E5FC-4555-B582-5C6FFC99327B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A81364B-FB65-4591-ACA3-9D5991F0C30C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"069F5C7C-F549-4B92-A1EA-6310CCF64334\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46EF46A3-7197-4C00-8298-9B938B6EE97B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.7.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B242DBD4-299A-49BC-B399-6C48E04D10DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.545:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DDD8B3B-8580-4624-8D77-E3FD97DFF4A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.547:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF6E08F0-004C-4A00-861D-72A9082C3F41\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.548:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBF301C0-0DEF-4922-85BF-66BF6192A745\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.549:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"4805886F-099B-4808-A2FF-0A0B77CD566D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.551:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"984B6A2B-F9D5-48AB-8B57-DD62B200C441\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.552:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"45D6F945-96D1-42A1-AE66-3D7988DE9A15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.553:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"3065526A-4DDE-4F7F-97C5-2E0F3D0D106B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.554:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6454D949-83A2-4F69-92E1-BBCD84F21BC2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.554:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"27ABDE74-B886-47A6-909B-7EA428260FAD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.555:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC65CB58-4F17-4F8D-9682-9D6C1B33F39D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.600:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E80F85C-61AD-49C0-9EBF-B79F728F6A97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.601:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3FE097FC-A525-4599-9FDA-1A011EECE767\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.602:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9FF51B0D-E020-491D-92A9-D2A01A7417AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.603:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8692341-8DF2-4943-853A-4AAF1F313914\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.604:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75197306-53DB-4C94-959B-C46D3FB1F42B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.605:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0C5C91C-C1C5-457D-9E09-24C7CACCC280\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.606:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EB88C92-4F62-471A-8C10-C13C890E764F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.607:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5585DC36-C65F-4FCA-B26F-E4A7901863E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.608:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C7DD56C-66F7-421C-B211-07C7856112C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.609:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E14B108-228D-454F-AF16-9D9086E4C10B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.610:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04C91C45-9A96-4E69-8A0A-D619AB45BC08\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.611:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F7C68F4-9ECD-41A9-B4AE-48F028841428\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.612:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28B75E28-08DE-4CA2-A60B-FB2F61AEC5BA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.613:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9AA824A-CEE6-460B-A668-92FC3A822305\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.614:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A51FBB3-42CE-40E1-A15D-ADDFBF8E203D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.615:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEAC1FD5-ECD1-480C-827E-F1AE8484C4EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.615a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D17F613A-6BE1-4B45-8E40-8E44E0EEA756\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.616:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5CB33E9-9AB8-482A-A196-768A2085A49C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.617:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12BD5CAD-0EB8-48F2-AF80-510584A83446\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.6171:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD8CD2A8-C8E8-4A5F-8355-6DF45C9DF45C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.6172:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92E294FE-F0A2-45FC-BB67-D988DD89D2AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.6173:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9640315B-7F04-4F5A-B213-8FAF509DFF01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.6174:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA89549A-6CD7-4DDB-A8C8-ADF103F6CDFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:0.6175:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF75A192-81C1-4F58-A660-7EFE4F33E58B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4189588A-A887-4D27-B3A0-48A3DBBD5E67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:5.3:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"52377D39-0F95-4A5D-B66D-16799B8C1EAB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:5.3:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"29CC64E2-6F73-457C-8991-4F10FDEFCC54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:5.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFD219A3-4958-4EA9-A914-37D4F0A8A24D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:5.4:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E216628-73CE-4DBD-9FAA-09E3257B8FFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:5.4:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"75F8EBAC-E898-44AD-9181-D9749D341196\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:5.4:beta3:*:*:*:*:*:*\", \"matchCriteriaId\": \"FCD9C5D8-3C8C-4892-8FD9-9099E8F410FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:5.4:beta4:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3E4FBC2-C2B3-4D94-BDC0-1CC978186DE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:5.4:beta5:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7F61370-FA58-499A-9BB2-ACA95342ED49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:5.4:beta6:*:*:*:*:*:*\", \"matchCriteriaId\": \"5519E330-9BD1-42D7-A94E-3B81113404BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:5.05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"590FE150-07AF-4E25-B8F8-D0E8500D73B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:e107:e107:5.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F515DEBF-B55A-4B42-8E1F-AB9A2C3DD8DF\"}]}]}]",
         descriptions: "[{\"lang\": \"en\", \"value\": \"Unrestricted file upload vulnerability in e107 before 0.7.20 allows remote authenticated users to execute arbitrary code by uploading a .php.filetypesphp file.  NOTE: the vendor disputes the significance of this issue, noting that \\\"an odd set of preferences and a missing file\\\" are required.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de subida de fichero sin restricciones en e107 en versiones anteriores a la v0.7.20. Permite a usuarios remotos autenticados ejecutar comandos de su elecci\\u00f3n subiendo un fichero .php.filetypesphp.  NOTA: el fabricante cuestiona la importancia de esta vulnerabilidad, arguyendo que se necesita \\\"un conjunto poco com\\u00fan de preferencias y un fichero perdido\\\".\"}]",
         evaluatorComment: "Per: http://cwe.mitre.org/data/definitions/434.html\r\n\r\n'CWE-434: Unrestricted Upload of File with Dangerous Type'",
         id: "CVE-2010-0996",
         lastModified: "2024-11-21T01:13:22.623",
         metrics: "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 6.8, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
         published: "2010-04-20T16:30:00.460",
         references: "[{\"url\": \"http://e107.org/comment.php?comment.news.864\", \"source\": \"PSIRT-CNA@flexerasoftware.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://e107.org/svn_changelog.php?version=0.7.20\", \"source\": \"PSIRT-CNA@flexerasoftware.com\"}, {\"url\": \"http://secunia.com/advisories/39013\", \"source\": \"PSIRT-CNA@flexerasoftware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/secunia_research/2010-44/\", \"source\": \"PSIRT-CNA@flexerasoftware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/510805/100/0/threaded\", \"source\": \"PSIRT-CNA@flexerasoftware.com\"}, {\"url\": \"http://www.securityfocus.com/bid/39540\", \"source\": \"PSIRT-CNA@flexerasoftware.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0919\", \"source\": \"PSIRT-CNA@flexerasoftware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/57932\", \"source\": \"PSIRT-CNA@flexerasoftware.com\"}, {\"url\": \"http://e107.org/comment.php?comment.news.864\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://e107.org/svn_changelog.php?version=0.7.20\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/39013\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/secunia_research/2010-44/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/510805/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/39540\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0919\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/57932\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
         sourceIdentifier: "PSIRT-CNA@flexerasoftware.com",
         vulnStatus: "Modified",
         weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2010-0996\",\"sourceIdentifier\":\"PSIRT-CNA@flexerasoftware.com\",\"published\":\"2010-04-20T16:30:00.460\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unrestricted file upload vulnerability in e107 before 0.7.20 allows remote authenticated users to execute arbitrary code by uploading a .php.filetypesphp file.  NOTE: the vendor disputes the significance of this issue, noting that \\\"an odd set of preferences and a missing file\\\" are required.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de subida de fichero sin restricciones en e107 en versiones anteriores a la v0.7.20. Permite a usuarios remotos autenticados ejecutar comandos de su elección subiendo un fichero .php.filetypesphp.  NOTA: el fabricante cuestiona la importancia de esta vulnerabilidad, arguyendo que se necesita \\\"un conjunto poco común de preferencias y un fichero perdido\\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:P/I:P/A:P\",\"baseScore\":6.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.8,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.7.19\",\"matchCriteriaId\":\"0521F172-C4F7-4054-AA27-A8C5946C7F19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70AB914E-D616-45D2-A451-1C247B8B6E4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA03C1AC-97EA-47ED-9558-A7CA48420AB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32695A82-B042-46B7-9CB4-20F3446E0C9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6716A040-0CBE-4402-AB2A-1621B1240B0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81627355-AB45-4D47-8DD2-4087E6971EF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2DAAA4F-B893-4914-8538-E68DDA211225\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B649DDC6-EEE6-47E1-A69A-831E5C2DD58C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FEEC90E-8640-4786-B014-CAD83EC4F2E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E29B9B12-4C94-4A8D-B407-2D288502EFE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5CAADA1-1FBB-4983-A942-FC4490CE8D8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4D7C699-0E92-4D9C-9D8F-87C39A28ACCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C62F8AD-EA30-441E-B97F-EF8DE640DC1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F96C30A8-7E56-4806-B8D7-851D75B08738\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1C22711-AEC4-438F-9B37-64D36B0BDFC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E2AA435-E5FC-4555-B582-5C6FFC99327B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A81364B-FB65-4591-ACA3-9D5991F0C30C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"069F5C7C-F549-4B92-A1EA-6310CCF64334\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46EF46A3-7197-4C00-8298-9B938B6EE97B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.7.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B242DBD4-299A-49BC-B399-6C48E04D10DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.545:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DDD8B3B-8580-4624-8D77-E3FD97DFF4A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.547:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF6E08F0-004C-4A00-861D-72A9082C3F41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.548:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBF301C0-0DEF-4922-85BF-66BF6192A745\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.549:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"4805886F-099B-4808-A2FF-0A0B77CD566D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.551:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"984B6A2B-F9D5-48AB-8B57-DD62B200C441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.552:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"45D6F945-96D1-42A1-AE66-3D7988DE9A15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.553:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"3065526A-4DDE-4F7F-97C5-2E0F3D0D106B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.554:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6454D949-83A2-4F69-92E1-BBCD84F21BC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.554:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"27ABDE74-B886-47A6-909B-7EA428260FAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.555:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC65CB58-4F17-4F8D-9682-9D6C1B33F39D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.600:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E80F85C-61AD-49C0-9EBF-B79F728F6A97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.601:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FE097FC-A525-4599-9FDA-1A011EECE767\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.602:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FF51B0D-E020-491D-92A9-D2A01A7417AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.603:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8692341-8DF2-4943-853A-4AAF1F313914\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.604:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75197306-53DB-4C94-959B-C46D3FB1F42B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.605:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0C5C91C-C1C5-457D-9E09-24C7CACCC280\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.606:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EB88C92-4F62-471A-8C10-C13C890E764F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.607:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5585DC36-C65F-4FCA-B26F-E4A7901863E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.608:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C7DD56C-66F7-421C-B211-07C7856112C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.609:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E14B108-228D-454F-AF16-9D9086E4C10B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.610:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04C91C45-9A96-4E69-8A0A-D619AB45BC08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.611:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F7C68F4-9ECD-41A9-B4AE-48F028841428\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.612:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28B75E28-08DE-4CA2-A60B-FB2F61AEC5BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.613:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9AA824A-CEE6-460B-A668-92FC3A822305\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.614:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A51FBB3-42CE-40E1-A15D-ADDFBF8E203D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.615:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEAC1FD5-ECD1-480C-827E-F1AE8484C4EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.615a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D17F613A-6BE1-4B45-8E40-8E44E0EEA756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.616:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5CB33E9-9AB8-482A-A196-768A2085A49C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.617:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12BD5CAD-0EB8-48F2-AF80-510584A83446\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.6171:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD8CD2A8-C8E8-4A5F-8355-6DF45C9DF45C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.6172:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92E294FE-F0A2-45FC-BB67-D988DD89D2AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.6173:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9640315B-7F04-4F5A-B213-8FAF509DFF01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.6174:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA89549A-6CD7-4DDB-A8C8-ADF103F6CDFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:0.6175:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF75A192-81C1-4F58-A660-7EFE4F33E58B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4189588A-A887-4D27-B3A0-48A3DBBD5E67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:5.3:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"52377D39-0F95-4A5D-B66D-16799B8C1EAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:5.3:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"29CC64E2-6F73-457C-8991-4F10FDEFCC54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:5.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFD219A3-4958-4EA9-A914-37D4F0A8A24D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:5.4:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E216628-73CE-4DBD-9FAA-09E3257B8FFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:5.4:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"75F8EBAC-E898-44AD-9181-D9749D341196\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:5.4:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCD9C5D8-3C8C-4892-8FD9-9099E8F410FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:5.4:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3E4FBC2-C2B3-4D94-BDC0-1CC978186DE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:5.4:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7F61370-FA58-499A-9BB2-ACA95342ED49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:5.4:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"5519E330-9BD1-42D7-A94E-3B81113404BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:5.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"590FE150-07AF-4E25-B8F8-D0E8500D73B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:e107:e107:5.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F515DEBF-B55A-4B42-8E1F-AB9A2C3DD8DF\"}]}]}],\"references\":[{\"url\":\"http://e107.org/comment.php?comment.news.864\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://e107.org/svn_changelog.php?version=0.7.20\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://secunia.com/advisories/39013\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/secunia_research/2010-44/\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/510805/100/0/threaded\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://www.securityfocus.com/bid/39540\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0919\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/57932\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://e107.org/comment.php?comment.news.864\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://e107.org/svn_changelog.php?version=0.7.20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/39013\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/secunia_research/2010-44/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/510805/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/39540\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0919\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/57932\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"Per: http://cwe.mitre.org/data/definitions/434.html\\r\\n\\r\\n'CWE-434: Unrestricted Upload of File with Dangerous Type'\"}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.